b521f8d89b62a0b5f7e1df8d6e81bc4709b6ce867f877bcc8879e7895cde3af2 | Triage

Submit
Reports

Overview

overview

Static

static

b521f8d89b...f2.exe

windows7-x64

9

b521f8d89b...f2.exe

windows10-2004-x64

9

Sharing

General

Target

b521f8d89b62a0b5f7e1df8d6e81bc4709b6ce867f877bcc8879e7895cde3af2
Size

383KB
Sample

240524-cl4pdahf3w
MD5

b9f6ef4e098f3fcb4670459e5d88a092
SHA1

954440a2fb861a9fa1783cffdc6cc9fb5ae86f43
SHA256

b521f8d89b62a0b5f7e1df8d6e81bc4709b6ce867f877bcc8879e7895cde3af2
SHA512

87322756013a01672c3687f637e4cad8f0e72a42b6da08a263dcfa5167465682947aaec80939a12a483cf9b57a9495c11ab6d1103a1bc16e79a6f3b388d84448
SSDEEP

6144:Dd5afqlpDHA9NtTV3okaEXnMhr1gg5YdEV1l6RXMAcfBOWq3oXY/LBFV7UMXKb3w:Dd5acTP+n25J1sJWWLBF2MXKb5Ol7

Score

10^/10

persistence upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

b521f8d89b62a0b5f7e1df8d6e81bc4709b6ce867f877bcc8879e7895cde3af2.exe

Resource

win7-20240508-en

persistence upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

b521f8d89b62a0b5f7e1df8d6e81bc4709b6ce867f877bcc8879e7895cde3af2.exe

Resource

win10v2004-20240508-en

persistence upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  b521f8d89b62a0b5f7e1df8d6e81bc4709b6ce867f877bcc8879e7895cde3af2
- Size
  
  383KB
- MD5
  
  b9f6ef4e098f3fcb4670459e5d88a092
- SHA1
  
  954440a2fb861a9fa1783cffdc6cc9fb5ae86f43
- SHA256
  
  b521f8d89b62a0b5f7e1df8d6e81bc4709b6ce867f877bcc8879e7895cde3af2
- SHA512
  
  87322756013a01672c3687f637e4cad8f0e72a42b6da08a263dcfa5167465682947aaec80939a12a483cf9b57a9495c11ab6d1103a1bc16e79a6f3b388d84448
- SSDEEP
  
  6144:Dd5afqlpDHA9NtTV3okaEXnMhr1gg5YdEV1l6RXMAcfBOWq3oXY/LBFV7UMXKb3w:Dd5acTP+n25J1sJWWLBF2MXKb5Ol7
Score

9^/10

persistence upx
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy